Wed, Apr 12, 2017 1:00 PM- 1:30 PM EST

In order to remotely take over a host running the GNU/Linux operating system, the most common strategy is for the attacker to get a program to run as the root user. In essence, a low-privileged backdoor elevates its privileges to the highest level available on the system, from which all data on the system become available, and all actions become possible.

Fortunately, the exploits and techniques leveraged for elevating privileges leave some signature traces to whom actively looks for them, as Arc4dia’s SNOW does.

In this webinar:

1. We will discuss signs of privilege elevation and a model for such attacks.

2. We will walk through the investigation of two such episodes.

3. We will outline best practices that can mitigate the privilege elevation risk on a Linux host.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

REGISTER TODAY!

Defenders of IT infrastructures complain that detecting malware is hard — but so it is for malware to hide. Malicious programs have to leverage the same computing hooks to run on a system, so they necessarily leave specific traces and artifacts. Arc4dia’s SNOW offers a few features that facilitate sleuthing for these artifacts.

In this webinar:

1. We will present SNOW’s database of objects.
2. We will show how we can look for outliers on a host, objects rarely seen across a given network.
3. We will demonstrate how to look for outlier relationships between objects, which may uncover malware even when it sneaks into common files and directories.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Justin Seitz is a Hunter @Arc4dia, has written books “Black Hat Python” & “Grey Hat Python”, Creator of @Hunchly. Blogging & training #OSINT techniques.

Recorded webinar will be distributed to all REGISTERED after the webinar session.

Updated: For those who missed the webinar, you can watch here or read the transcript

In this webinar:

1. We will demonstrate how to execute incident response remotely by taking action against an infected host.

2. We will show how to interrupt malware computation with surgical precision.

3. Then grab the payload for offline analysis.

4. We will also present how to clean up the infection once its spread has been ascertained.

5. Finally, we will discuss some tricks on setting up a response plan, with clear communication lines and standard operating procedures.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Justin Seitz is a Hunter @Arc4dia, has written books “Black Hat Python” & “Grey Hat Python”, Creator of @Hunchly. Blogging & training #OSINT techniques.

Recorded webinar will be distributed to all REGISTERED after the webinar session.

Updated: For those who missed the webinar, you can watch here or read the transcript

During this session , Justin will cover the following topics :

1. What is process hollowing
2. Detection
3. Investigating a hollowed process
4. Pitfalls

Questions will be answered by Marc Theberge, CCSO @Arc4dia

During this session , Justin will cover the following topics :

• A tamed piece of malware
• Infecting the target host
• Examining  process memory
• Further clues to the infection
• Neutralizing the threat
• Mapping the malware spread

Questions will be answered by Marc Theberge, CCSO @Arc4dia